Cyber-attacks pose an escalating threat to security and the economy due to a proliferation of sophisticated malware toolkits and a rapidly expanding reliance on Internet Protocol (IP)-based communication. According to Gartner, Inc., the number of connected devices will exceed 8 billion in 2017, and will grow to more than 20 billion by 2020. Many of these devices reside in machine-to-machine (M2M) “Internet of Things” (IoT) networks managing critical infrastructure, sensitive data, and hazardous industrial processes. Each device is a potential target or attack platform for malware, compromising traditional trust assumptions between communicating devices. Even networks that have been walled off from the public Internet may be vulnerable due to non-Ethernet interfaces such as USB ports.
Given the large number of legacy devices and the need for flexibility, it is impractical to rewrite every end application to secure M2M communications. In addition, current technologies are not effective and practical against all cyber-attacks. A compromised device, for instance, may spread malware to additional devices through a virtual private network. Moreover, conventional device-level protection, inclusive of anti-malware software and intrusion detection technology, tends to consume significant computing resources, and may degrade Quality-of-Service (QoS) to an unacceptable level in certain device networks. For instance, it may not be practical to install conventional device-level protection on lightweight edge appliances in IoT networks configured to provide line speed or near line speed performance. In any event, it may not be cost-effective or practical to upgrade large numbers of devices to host conventional node protection tools, particularly since these tools continue to experience rapid year-on-year increases in processing and memory requirements. The conventional tools, beyond costly, do not provide complete protection from intrusion.
The present disclosure relates, in certain embodiments, to methods, systems, products, software, middleware, computing infrastructure and/or apparatus applicable to device networks with QoS requirements for secure, trusted Ethernet-based communications in the presence of malware attack vectors.